From: Johan Hedberg <johan.hedberg@gmail.com>
To: Anderson Lizardo <anderson.lizardo@openbossa.org>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH 2/3] Bluetooth: Add initial Bluetooth Management interface callbacks
Date: Mon, 6 Dec 2010 16:21:16 +0200 [thread overview]
Message-ID: <20101206142116.GA19084@jh-x301> (raw)
In-Reply-To: <AANLkTimYKSvo8WpNa-ft61MoBaAgKZxt5j0qVuRBfCb3@mail.gmail.com>
Hi Anderson,
On Mon, Dec 06, 2010, Anderson Lizardo wrote:
> On Sun, Dec 5, 2010 at 2:19 PM, <johan.hedberg@gmail.com> wrote:
> > +static void cmd_status(struct sock *sk, u16 cmd, u8 status)
> > +{
>
> I see some inconsistence on how you calculate struct sizes on this
> function. See below...
>
> > + struct sk_buff *skb;
> > + struct mgmt_hdr *hdr;
> > + struct mgmt_ev_cmd_status *ev;
> > +
> > + BT_DBG("sock %p", sk);
> > +
> > + skb = alloc_skb(sizeof(*hdr) + sizeof(*ev), GFP_ATOMIC);
>
> Here you use sizeof(<var>)
Yep, in Chapter 14 of Documentation/CodingStyle this seems to be the
preferred form.
> > + if (!skb)
> > + return;
> > +
> > + hdr = (void *) skb_put(skb, sizeof(struct mgmt_hdr));
>
> But here you use sizeof(<struct>). Could be sizeof(*hdr)?
Yes, could be.
> > +
> > + hdr->opcode = cpu_to_le16(MGMT_EV_CMD_STATUS);
> > + hdr->len = cpu_to_le16(3);
>
> and here a hard-coded size. Could be sizeof(struct mgmt_ev_cmd_status)?
Yes, could be.
> > + if (len != msglen - sizeof(struct mgmt_hdr)) {
>
> You could use sizeof(*hdr) here.
Indeed.
I suppose these style fixes should be as a separate patch since the
original one already got acks from the relevant people? (if not, someone
please enlighten me how the kernel patch process deals with comments
received after acks :)
> > + err = -EINVAL;
> > + goto done;
> > + }
> > +
> > + switch (opcode) {
> > + default:
> > + BT_DBG("Unknown op %u", opcode);
> > + cmd_status(sk, opcode, 0x01);
> > + break;
> > + }
> > +
> > + err = msglen;
>
> Would there be a chance of integer overflow here? The function returns
> (signed) int, but msglen is (unsigned) size_t.
The core of the issue is in the way that the sendmsg callback for
sockets is defined. At least L2CAP and RFCOMM sockets do similar
assignments in their sendmsg callbacks so I've assumed it to be ok.
Johan
next prev parent reply other threads:[~2010-12-06 14:21 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-05 18:19 Initial Management interface patches (rebased) johan.hedberg
2010-12-05 18:19 ` [PATCH 1/3] Bluetooth: Add Bluetooth Management interface definitions johan.hedberg
2010-12-05 18:19 ` [PATCH 2/3] Bluetooth: Add initial Bluetooth Management interface callbacks johan.hedberg
2010-12-06 13:11 ` Anderson Lizardo
2010-12-06 14:21 ` Johan Hedberg [this message]
2010-12-06 20:37 ` Gustavo F. Padovan
2010-12-05 18:19 ` [PATCH 3/3] Bluetooth: Make hci_send_to_sock usable for management control sockets johan.hedberg
-- strict thread matches above, loose matches on Subject: below --
2010-12-07 22:21 Initial Management patches (rebased again) johan.hedberg
2010-12-07 22:21 ` [PATCH 2/3] Bluetooth: Add initial Bluetooth Management interface callbacks johan.hedberg
2010-11-24 14:39 Initial set of Management interface patches johan.hedberg
2010-11-24 14:39 ` [PATCH 2/3] Bluetooth: Add initial Bluetooth Management interface callbacks johan.hedberg
2010-11-24 14:48 ` Marcel Holtmann
2010-11-24 14:55 ` Andrei Emeltchenko
2010-11-24 21:47 ` Johan Hedberg
2010-11-24 21:58 ` Gustavo F. Padovan
2010-11-24 15:38 ` Anderson Lizardo
2010-11-24 19:10 ` Gustavo F. Padovan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101206142116.GA19084@jh-x301 \
--to=johan.hedberg@gmail.com \
--cc=anderson.lizardo@openbossa.org \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).